Leveraging reconnaissance tricks to exploit a vulnerability that allows accessing Revenue and Traffic data of thousands of Shopify stores — Index Introduction Almost vulnerable Getting da wordlist A Fail The new approach The exploit Timeline Takeaway Permission to write a blog post was given by Shopify prior to this public disclosure 1. Introduction About one year ago when I was hacking on Shopify program, I had to set a few alerts to get…